On Thu, 20 Mar 2003, Kharnas, Simon wrote: > Hello, Mark. > > I am trying to limit the telnet logon from the outside world. I thought that > DENY and ALLOW files can limit that access, so that the outside (i.e. > Internet users) would not be able to logon to the server on a regular basis. > I still would like to allow the local users to access the host via telnet.
I prefer ssh over telnet over my private LAN because it's more convenient. It seems to me the documentation on this is quite good. If, on reading through "man hosts.allow" you can't make progress, you will need to show us what you have so we can offer realistic advice. Oh, I see the subject. The best way to limit it is to deny it by not installing the telnet server. If it has any redeeming features, I've long forgotten them. > > > Simon Kharnas > TIAA/CREF > > > -----Original Message----- > From: Post, Mark K [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 20, 2003 3:04 PM > To: [EMAIL PROTECTED] > Subject: Re: What is the best way to limit Linux Telnet access to > /localho st o nly > > > Simon, > > Do you have /etc/inetd.conf set up to use TCP Wrappers with telnetd? If so, > what did you put in your /etc/hosts.allow and /etc/hosts.deny files? Why > would you want to allow people already logged on to the system to telnet > into the system again? And deny allow people not already logged on telnet > access? What are you really trying to accomplish? > > Have you considering completely scrapping telnet and using SSH instead? See > recent threads about why telnet should not be used for any reason, any time. > > > Mark Post > > -----Original Message----- > From: Kharnas, Simon [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 20, 2003 9:58 AM > To: [EMAIL PROTECTED] > Subject: What is the best way to limit Linux Telnet access to /localhost > o nly > > > I tried to play with the ALLOW and DENY files, but noticed that this doesn't > prevent users from Telnetting in ... Am I missing something else? -- Cheers John. Join the "Linux Support by Small Businesses" list at http://mail.computerdatasafe.com.au/mailman/listinfo/lssb
